is data remanence in persistent memory a new risk factor?

In 1981
I noticed that the contents of the RAM on a couple of preproduction processor
boards which I was playing around with retained substantially most of the test
data patterns which I'd initialized them with - even after switching the power
off.

(These cards were part of an intelligent IO system I'd
co-designed and for which I was writing the firmware. I remember it well because
I was using 2 separate in circuit emulators. One controlled by typing wth my
left hand, the other with the right.)

My
focus was checking the repeatability of the analog IO side of these systems
(from digital to analog and back again) at room temperature before we put
them in the temperature characterization ovens and ran interference tests
but I was surprised that the memory remembered - because that really wasn't
what I was expecting.

I noticed that whenever I repeated the power off
and power back on again cycling (into what we'd now call a "cold boot"
condition) most of the contents of the memory looked similar to what they had
been before, instead of scrambled which is what I expected.

Sure
there was some corruption - but most of the old data was clearly visible.

It
was interesting - but so what? In my earlier work at a previous company
similar things must have happened. But I had never noticed - due to using more
primitive tools and working under much greater time pressure.

Hm - so
RAM can remember data after losing power...

I tucked this away as
an interesting thing to remember and didn't think about it for another 10 years.
(That old memory was SRAM BTW.)

So - about 10 years later - in 1991 -
I had a customer with ultra sensitive applications who absolutely, under
no circumstances whatsoever would return an expensive processor - offsite for a
planned logic upgrade.

This was one of
those sites where they
point a gun at you as they check your ID and look in under your car and bags.

Their rigid process was - if it's got memory on it (and
this card had a lot of DRAM and a lot of processors) then it had to stay
forever under their control once it had been used.

If it couldn't be
fixed on site it would be destroyed (probably with a special mechanical
shredder).

Remembering back to my earlier experience (in 1981) I
concluded that my customer almost certainly had the ability to read cold
memory contents themselves and they were not going to be amenable to any
textbook waving engineer telling them something which they knew and I knew
was patently false:- that RAM loses its data after being unpowered.

So
the options we had at that time were:- to test things better before shipping
them and - if repairs were needed - to figure out how they could be done
on-site.

Looking back from the solid state storage everywhere
context of today it may be easy to conclude that I've had a very narrowly
focused career.

I would counter that saying my horizons have been
occasionally broadened with other storage media (which are sadly no longer
with us) and other data related aspects such as stories about
data recovery and
software.

Having
thought about these things in recent days - obviously while reading and writing
about the shape of
future memory
systems architectures we might yet see - I thought - isn't it a bit
strange that I haven't come across this angle (of recovering data from cold
DRAM) in any of the stories here on the mouse site?

Maybe you imagined
it? Or maybe you just missed it? I thought.

recovering data from
cold DRAM

So I did a quick Google search this morning and was
reassured to find that there some published literature on this topic.

From which article I quote - "This
suggests that, even in modern memory modules, data may be recoverable for hours
or days with sufficient cooling." ...read
the article (pdf)

To which I would add - you can skip the
cooling requirement and get a recoverability time of days if you use DSP
techniques and play around with the RAM voltages.

So... what's the
point of mentioning this now?

Having gone down this tour of memory
lane and observing that if you're recycling servers then there's a security
vulnerability in the DRAM on those processor boards - not just in the much
better known HDDs and
SSDs.

And BTW
don't rely on encryption to protect the DRAM contents - because your processor
and its memory contents are on good speaking terms.

My point is that
- now we're seeing new types of persistent memory creeping into DIMM sockets.
And not just the flash backed hybrids but flash as RAM too.

So now
you've got terabytes of data in these sockets. (And depending on your workloads
some of this data stays in place for days or even weeks without being swapped
out.)

And when the power is switched off - even without recourse to
freezer spray - the contents will be there - clearly visible to someone with the
right forensic skills - for months or years - same as if it were on a hard
drive.

This creates new doors of opportunity for those in the
business of making sure that doors which are thought to be shut stay firmly
closed.

Arthur Sainio
who is Director Product Marketing at SMART told me - "Yes, it does have
the capability to do encryption, but it has not been enabled. We are in
discussions at the JEDEC
meetings as to how this is implemented with the NVDIMM specifications."

....

....

Marketers have as much to
do with the DWPD ratings you see on SSDs as engineers.

Are you whiteboarding
alternative server based SSD / SCM / SDS architectures? It's messy keeping
track of those different options isn't it? Take a look at an easy to remember
hex based shorthand which can aptly describe any SSD accelerated server blade.

I
think it's not too strong to say that the enterprise PCIe SSD market (as we
once knew it) has exploded and fragmented into many different directions. (And
some big bang PCIe SSD dreams have shrunk too.)